misc-progs: Call unpriv_system commands in a shell master
authorMichael Tremer <michael.tremer@ipfire.org>
Sun, 7 Feb 2021 16:46:55 +0000 (16:46 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Sun, 7 Feb 2021 16:47:47 +0000 (16:47 +0000)
Reported-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/misc-progs/setuid.c

index efd181a..8044742 100644 (file)
@@ -144,7 +144,14 @@ int safe_system(char* command) {
 /* Much like safe_system but lets you specify a non-root uid and gid to run
  * the command as */
 int unpriv_system(char* command, uid_t uid, gid_t gid) {
-       return system_core(command, NULL, uid, gid, "unpriv_system");
+       char* argv[4] = {
+               "/bin/sh",
+               "-c",
+               command,
+               NULL,
+       };
+
+       return system_core(argv[0], argv, uid, gid, "unpriv_system");
 }
 
 /* General routine to initialise a setuid root program, and put the